<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p>
<blockquote type="cite">
<div class="gmail_default" style="font-size:small">There are two
issues, both of which I brought up at the start of DPRIV:</div>
<div class="gmail_default" style="font-size:small"><br>
</div>
<div class="gmail_default" style="font-size:small">1) Must be
supported by browsers.</div>
<div class="gmail_default" style="font-size:small">2) Protocol
MUST be entirely state free</div>
<div class="gmail_default" style="font-size:small"><br>
</div>
<div class="gmail_default" style="font-size:small">If you want a
protocol to be deployed, you need to solicit input from the
people who you need for deployment and take notice of it. DNS
over anything TCP is not going to measure up.</div>
</blockquote>
DNS-over-TLS in public resolvers would be very useful for
small-scale DNS repeaters in corporations and ISPs. They usually
connect to few public resolvers and can easily keep these
      connections alive. Persistent TCP connections place a much lighter
      burden on firewalls than UDP requests, so there might be an overall
      performance gain on both sides.<br>
</p>
    <p>QUIC, SCTP and similar future technologies can be even better,
but are obviously not ready for deployment here and now. TLS is.<br>
</p>
<div class="moz-signature"><!-- signature start -->
--<br>
<br>
With Best Regards,<br>
Marat Khalili<br>
</div>
<br>
</body>
</html>